| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
https://bugs.ruby-lang.org/issues/12752
https://ruby-doc.org/core-2.4.0/String.html#method-i-unpack1
|
|
|
|
|
|
| |
Found several instances.
Follow up on 63d530c5e68a8cf53603744789f53ccbc7ac1a0e
|
|
|
|
| |
Follow up of #31390.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit changes the behavior such the path_params now default to
UTF8 just like regular parameters. This also changes the behavior such
that if a path parameter contains invalid UTF8 it returns a 400 bad
request. Previously the behavior was to encode the path params as binary
but that's not the same as query params.
So this commit makes path params behave the same as query params.
It's important to test with a path that's encoded as binary because
that's how paths are encoded from the socket. The test that was altered
was changed to make the behavior for bad encoding the same as query
params. We want to treat path params the same as query params. The params
in the test are invalid UTF8 so they should return a bad request.
Fixes #29669
*Eileen M. Uchitelle, Aaron Patterson, & Tsukuru Tanimichi*
|
| |
|
| |
|
|
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
|
|
|
| |
Hash syntax auto-correcting breaks alignments. 411ccbdab2608c62aabdb320d52cb02d446bb39c
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|
|
|
|
|
|
|
| |
Ruby 2.4 unifies Fixnum and Bignum into Integer: https://bugs.ruby-lang.org/issues/12005
* Forward compat with new unified Integer class in Ruby 2.4+.
* Backward compat with separate Fixnum/Bignum in Ruby 2.2 & 2.3.
* Drops needless Fixnum distinction in docs, preferring Integer.
|
|\
| |
| |
| | |
Refactor handling of :action default in routing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The longstanding convention in Rails is that if the :action parameter
is missing or nil then it defaults to 'index'. Up until Rails 5.0.0.beta1
this was handled slightly differently than other routing defaults by
deleting it from the route options and adding it to the recall parameters.
With the recent focus of removing unnecessary duplications this has
exposed a problem in this strategy - we are now mutating the request's
path parameters and causing problems for later url generation. This will
typically affect url_for rather a named url helper since the latter
explicitly pass :controller, :action, etc.
The fix is to add a default for :action in the route class if the path
contains an :action segment and no default is passed. This change also
revealed an issue with the parameterized part expiry in that it doesn't
follow a right to left order - as soon as a dynamic segment is required
then all other segments become required.
Fixes #23019.
|
|/
|
|
|
|
|
|
| |
Allowing :controller and :action values to be specified via the path
in config/routes.rb has been an underlying cause of a number of issues
in Rails that have resulted in security releases. In light of this it's
better that controllers and actions are explicitly whitelisted rather
than trying to blacklist or sanitize 'bad' values.
|
|
|
|
|
|
|
|
|
| |
This reverts commit 5d1b7c3b441654e8008dcd303f5367883ec660a6.
The change here didn't actually fix the issue it was trying to fix, and
this isn't the correct way to fix either issue. The problem is switching
from the builder to grouping with find_all/regex is now very dependent
on how you structure your path pattern.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In commit d993cb3 `build_path` was changed from using `grep` to
`find_all` to save array allocations.
This change was a little too aggressive in that when the dash comes
before the symbol like `/omg-:song` the symbol is skipped.
Removing the check for `n.right.left.literal?` fixes this issue, but
does add back some allocations. The number of allocations are still well
less than before.
I've added a regression test to test this behavior for the future.
Fixes #23069.
Array allocations as of d993cb3:
```
{:T_SYMBOL=>11}
{:T_REGEXP=>17}
{:T_STRUCT=>6500}
{:T_MATCH=>12004}
{:T_OBJECT=>91009}
{:T_DATA=>100088}
{:T_HASH=>114013}
{:T_STRING=>159637}
{:T_ARRAY=>321056}
{:T_IMEMO=>351133}
```
Array allocations after this change:
```
{:T_SYMBOL=>11}
{:T_REGEXP=>1017}
{:T_STRUCT=>6500}
{:T_MATCH=>12004}
{:T_DATA=>84092}
{:T_OBJECT=>87009}
{:T_HASH=>110015}
{:T_STRING=>166152}
{:T_ARRAY=>322056}
{:T_NODE=>343558}
```
|
|
|
|
|
| |
This code was added for migration from Rails 3.1 to upper,
now we are developing Rails 5.
|
|\
| |
| | |
add missing test for action regexp for routing
|
| | |
|
| |
| |
| |
| | |
We should keep the route set generation logic in one place
|
|\ \
| | |
| | | |
Remove duplicity in tests
|
| |/ |
|
|/ |
|
| |
|
|
|
|
| |
onwards.
|
| |
|
|
|
|
|
| |
These are currently working "by accident" because `match_route` does not check
that the name is valid.
|
|
|
|
| |
Fixes https://github.com/rails/rails/issues/17714.
|
| |
|
|
|
|
|
|
|
|
| |
This actually runs a request through the system, using the actual
routing methods as we would use in production, then tests the
path_parameters set on the request object. The `recognize_path` method
isn't actually used in production, so testing what it returns isn't
useful.
|
| |
|
| |
|
|
|
|
| |
warning: assigned but unused variable - scope_called, path and strexp
|
| |
|
| |
|
|
|
|
| |
do not test internals
|
|
|
|
|
|
| |
Change most tests to make use of assert_raise returning the raised
exception rather than relying on a combination of flunk + rescue to
check for exception types/messages.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
JSON.{dump,generate} offered by the JSON gem is not compatiable with
Rails at the moment and can cause a lot of subtle bugs when passed
certain data structures. This changed all direct usage of the JSON gem
in internal Rails code to always go through AS::JSON.{decode,encode}.
We also shouldn't be implementing `to_json` most of the time, and
these occurances are replaced with an equivilent `as_json`
implementation to avoid problems down the road.
See [1] for all the juicy details.
[1]: intridea/multi_json#138 (comment)
|
| |
|
| |
|
|
|
|
|
| |
* Fix named route collision in mount test fixture
* Update controller named route precedence test
|
| |
|